Do not install or run this skill until the author clarifies and tightens its declarations. Specific steps to request or perform before using it: - Require the author to list all runtime dependencies and env vars in the registry metadata: at minimum READWISE_TOKEN, TARGET_NUMBER, and any clawdbot/gemini credentials or config. The script currently fails if TARGET_NUMBER is unset but that variable is not declared anywhere. - Confirm where the LLM call goes: the script uses the gemini CLI (sends your Readwise data to whatever provider gemini is configured to call). If you care about confidentiality, either remove/send less raw data or ensure gemini is a local/private LLM instance. The SKILL.md's "system default LLM" claim is inconsistent with the explicit gemini use. - Verify clawdbot configuration and credentials: understand which service will actually send WhatsApp messages and whether additional tokens or permissions are required; ensure you are willing for the skill to send messages to TARGET_NUMBER automatically. - Consider operational restrictions: require explicit user invocation or set disableModelInvocation:true so the model cannot autonomously trigger deliveries, and add confirmation prompts before sending messages. - Audit network/data flow: the script sends your saved items and archive hits to an LLM process and includes URLs in the payload — review this for privacy concerns. - If you still want to use it: run in an isolated environment first, with test tokens and a test phone number, and inspect gemini/clawdbot binaries to confirm they behave as expected. If the author updates the manifest to accurately list binaries and env vars, documents the data flow to external services, and offers an option to keep the LLM local and to require explicit user approval before sending messages, the inconsistencies would be resolved and the skill could be re-evaluated.